Security System – past and present

2016-07-25

2017-08-30

News and events

security, safety, pritection, Brute Force

In a previous article I told you more about the meaning of “security” in the context of SuperHosting.BG and the most common attempts to compromise customer websites and emails. Today, I will talk about how our protection measures against malicious actions changed through the years.

Our security system, as it was at the beginning

We at SuperHosting.BG have always paid great attention to the security of our customers. We have always tried to keep our infrastructure protected to the greatest extent, therefore we use various technologies that allow our equipment operating systems to be always up-to-date. However, there was still room for improvement in order to take the customer website protection to the next level. A while ago we conducted our explanatory “Security Campaign“, which aim was to improve the knowledge of our customers regarding their website security. Our first article from the campaign, How to improve your website security in 10 steps, is still very relevant.

In the beginning of 2013, the number of the so-called Brute Force attacks against WordPress websites increased significantly. The Global Brute Force attack against WordPress websites article describes such an attack that affected all our customers. The aim of those attacks is to “gather” a maximum of websites to which the malicious persons have access and to use them for other “bad” activities later on.

However, this was not acceptable to us. We quickly gathered a team which found a sustainable solution against such activities. This resulted in the first release of our Security system. Foundations have been laid!

We set our goals and continued to improve it over time.

After the initial release that helped us handle the WordPress and Joomla Brute-Force attacks, we defined the main goals we would like to achieve with our Security system:

Decreasing or even completely eliminating the cases of “hacked” customer websites;

Neutralization of distributed Brute Force attacks;

Improved operation of our entire infrastructure;

Reduction of the used resources (CPU time in particular), caused by malicious traffic;

Prevention of SPAM being sent from our infrastructure;

Prevention of customer account use to start attacks towards third parties.

Some of our long-term goals also include:

Cleaning of all customer websites which may be compromised or in other words – malicious code removal;

Transformation of SuperHosting.BG into a hosting company offering a maximum level of security.

In summary, we wanted to proactively protect our customer websites and emails from hacker attacks in the broadest range possible. We wanted our customers to feel secure with us and not to be concerned about the information and business they have entrusted to us. This is something that our customers expect from us and we had to meet their expectations.

Last but not least, when active the Security should not interfere with customer websites, cause slowdowns or generate the so-called false positives.

Nowadays, the Security system protects the websites of our customers from a considerable number of malicious action attempts. By taking this step we also improved service quality several times and the customer inquiries concerning a hacked website decreased by 90%.

Stay tuned for the next blog article, which will go further in detail about the types of protection and their content.

Lyubo is one of the main suspects for your websites success, because thanks to him you have your reliable and secure place in Internet. Lyubo's SuperPower is that he leads our team forward and always knows how to make things better.